Description
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
Products
- OpenAtom OpenHarmony
- OpenAtom OpenHarmony
- OpenAtom OpenHarmony 1.0
- OpenAtom OpenHarmony 2.0
- OpenAtom OpenHarmony 2.2 Beta 2
- OpenAtom OpenHarmony 3.1.1
- OpenAtom OpenHarmony 3.1.2
- OpenAtom OpenHarmony 3.1.3
- OpenAtom OpenHarmony 3.1.4
- OpenAtom OpenHarmony 3.1.5
- OpenAtom OpenHarmony 3.1.6
- OpenAtom OpenHarmony 3.1
- OpenAtom OpenHarmony 3.1 Beta
- OpenAtom OpenHarmony 3.2.1
- OpenAtom OpenHarmony 3.2.2
- OpenAtom OpenHarmony 3.2.3
- OpenAtom OpenHarmony 3.2.4
- OpenAtom OpenHarmony 3.2
- OpenAtom OpenHarmony 3.2 Beta 1
- OpenAtom OpenHarmony 3.2 Beta 2
- OpenAtom OpenHarmony 3.2 Beta 3
- OpenAtom OpenHarmony 3.2 Beta 4
- OpenAtom OpenHarmony 3.2 Beta 5
- OpenAtom OpenHarmony 4.0.1
- OpenAtom OpenHarmony 4.0.2
- OpenAtom OpenHarmony 4.0.3
- OpenAtom OpenHarmony 4.0
- OpenAtom OpenHarmony 4.0 Beta 1
- OpenAtom OpenHarmony 4.0 Beta 2
- OpenAtom OpenHarmony 4.1.0
- OpenAtom OpenHarmony 4.1.1
- OpenAtom OpenHarmony 4.1.2
- OpenAtom OpenHarmony 4.1.3
- OpenAtom OpenHarmony 4.1
- OpenAtom OpenHarmony 4.1 Beta 1
- OpenAtom OpenHarmony 5.0.1
- OpenAtom OpenHarmony 5.0.2
- OpenAtom OpenHarmony 5.0
- OpenAtom OpenHarmony 5.0 Beta 1
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2025-27132, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2025-27132 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References